cursor-extension-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs searching for and installing extensions from the public VS Code Marketplace (see SKILL.md "Search for desired extension" and references/installing-extensions.md and the Resources link to https://marketplace.visualstudio.com/), which is untrusted third-party content whose metadata and packages the agent would rely on and that can materially change agent/tool behavior.